639c78d0f88dc9ac25b65348bca153c1556f8f0570b2e025850e335fdf736ec7 | Triage

Sharing

General

Target

cf4ba72f80e005e427a44fac893b704e_JaffaCakes118
Size

1.9MB
Sample

240906-l56grazgkj
MD5

cf4ba72f80e005e427a44fac893b704e
SHA1

94e8e805a3bd0610a33161baac471266701e7012
SHA256

639c78d0f88dc9ac25b65348bca153c1556f8f0570b2e025850e335fdf736ec7
SHA512

53de1859130b419b58e4e99d13dc8c3b22fef5e57445b19d97d63e5b5f6a03db1bd62b64e818e2823a2d3c21b84eeee0872a06d4d1a57811bb9e5217bc405ffb
SSDEEP

49152:P8tVzkdYt+6BBE5TNOG1LxcsN/exbpLH5CfizjnsH7NqbBjTvysE5T5t+6U:07zIYQMO0G1Lxd/ephZ9zjnfd3vDO5QN

Score

7^/10

discovery execution upx

Malware Config

Targets

- Target
  
  cf4ba72f80e005e427a44fac893b704e_JaffaCakes118
- Size
  
  1.9MB
- MD5
  
  cf4ba72f80e005e427a44fac893b704e
- SHA1
  
  94e8e805a3bd0610a33161baac471266701e7012
- SHA256
  
  639c78d0f88dc9ac25b65348bca153c1556f8f0570b2e025850e335fdf736ec7
- SHA512
  
  53de1859130b419b58e4e99d13dc8c3b22fef5e57445b19d97d63e5b5f6a03db1bd62b64e818e2823a2d3c21b84eeee0872a06d4d1a57811bb9e5217bc405ffb
- SSDEEP
  
  49152:P8tVzkdYt+6BBE5TNOG1LxcsN/exbpLH5CfizjnsH7NqbBjTvysE5T5t+6U:07zIYQMO0G1Lxd/ephZ9zjnfd3vDO5QN
Score

7^/10

discovery upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  background.html
- Size
  
  2KB
- MD5
  
  88c3d606e81a68d856b1de54714a50ba
- SHA1
  
  a803ea0758d735719de6bc085c1a3426bcb693bb
- SHA256
  
  236fa6c710a6dc88f1685573c7c00669419c56f98a795b9926348763570fe7c3
- SHA512
  
  4fb6e49d62b98ebeb41cc2e9e42bfa0e14ba62ef970fd5d4e878e390df7094a9619f7528766badc10e9c609eb03923a9fb8d0bc8487c0a46e6bbd4c874231d76
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  background.js
- Size
  
  12KB
- MD5
  
  d142c4d7daf1512a7f92d4618d2acc8d
- SHA1
  
  2374b2e4641f5e7a3f0b2d5370502b8aca44468e
- SHA256
  
  1f4696f4951fa2d772bae2cfa9bc29d7693a9eb466ec81e1216d84a2cb53be2a
- SHA512
  
  32faad37bcea2aaa5525fa10bf1e98557de040763e4a68e0fffd6e512331cf3e006cae09cb2175fd6b1958a4e570143842eb63dcddb8f91f84b7d7e6c55c6739
- SSDEEP
  
  192:CrXlfXpNxZyV1DPgrKveB7Q3IKCNqt+k8ussuPaOm3chAdyotLLFVP07jPKnSUZH:C0nDIHYCgnjssuCXeCLFVP0nPuSUIG
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  extension.js
- Size
  
  6KB
- MD5
  
  9f418512ab22478cf86028e561904676
- SHA1
  
  35360a0959c7a196cd24c922753afcaf378f6593
- SHA256
  
  4ff0ca35a08780ec72f35109102e1ecb54c8457f141756ca39b1183aee84fbc5
- SHA512
  
  8c26321e5bd7403e8c49bc7894de0bf3153023d48ae7c4add84c707337610bd15ac491d4012e6183843d9fd6e6d8e8f89103a34793c23643917310c4b9037113
- SSDEEP
  
  192:f6A54AcMMKfxCFpPInrakHTbh3Y18Oxy1clGx0X:fffcMMKfxCFWnuwTbh3Y18PeGQ
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  js/api/analytics.js
- Size
  
  1KB
- MD5
  
  8a1724ae002790923ef3885a31d7d122
- SHA1
  
  a290492ff3d102dcd40262630e2ac23cd1bd47f5
- SHA256
  
  346963664b4d393b71cc2f4e4ee9a858252915753f4a08a234c1944ca4d7d90a
- SHA512
  
  9c7a050e522d6253463f64e9ee0f825933ef9c6f0f2eb98977c72bda6a545bb30eb59aec643a895b73cb785dccdf7c900e705fa12c17dd70927fcbfe4ccdbbf6
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  js/api/app_info.js
- Size
  
  390B
- MD5
  
  00850adbcc4350fc161584f81e30ffa6
- SHA1
  
  82465e07a475cb84fed2499451e948727d61ebcc
- SHA256
  
  855dda09865213677e35537b7cf8235ba6804648f4cb9e85e5f0263cdcc8e011
- SHA512
  
  cb5fb8e0321abf614cef86eaf1cbeb4130567efec2752f395beb32e2e05a5d1ea2a46936840bb17a7383199f0d80368b08a1c6b8e79a9a0b33fde80b07acfd85
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  js/api/chrome.js
- Size
  
  2KB
- MD5
  
  73a9835705d166f02e2d6e6530b8630c
- SHA1
  
  ec993c13c44e0403e3dcdaaf83009c8f56f15098
- SHA256
  
  9a63ce25f09d2d36248a6ace0354b39f5935707099d8fcc4a88f80576b1f863d
- SHA512
  
  1c0cd0a8b29465f75cc5b650cf8977a5ac03f5f6417ce350a0d59d1b5a6dfea472734ec9eb4d95cb91777c80bdbfdcc4b16c2f1738ee9641e2e72589f67902dd
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  js/api/cookie.js
- Size
  
  3KB
- MD5
  
  b761944791fe5f8c96f4ca0b849de92e
- SHA1
  
  eb7fbbfb5c385d119d669eca30f354551e9eeac2
- SHA256
  
  90b462484410a75a3b596de9d895034ed1f303820a2aa57fda32fe75124003c4
- SHA512
  
  dc4ef5132af0332ae84ebc311d5a3520df53c9c8378e0387dfde8f3661e6e1e5e6685225d666272f9e7964c425388424a6dc09bc4f2ebc61c1536b28f36bdf80
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  js/api/debug.js
- Size
  
  370B
- MD5
  
  226ed41ef87bb1d587df67e9d39b7c04
- SHA1
  
  aa7c0d4e86120046ba6182f951bf79f07195c630
- SHA256
  
  362bc6b995940afead12cc334a5a26323a502ad651f4020a55eae08fcbdc53b4
- SHA512
  
  fddd11033538bfcd627fef621b0766acb54371d046ace5e8a9e803329e088ab7ff7377c3796fa236417b65c094fbc93c6eb43f95636ed4b07eb1460162b3f4d3
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  js/api/dom.js
- Size
  
  1KB
- MD5
  
  ca235f634960eadfd01a284d6d4a003b
- SHA1
  
  af3278ee4f0a72df2d0e3a2d790487e3cf0aa156
- SHA256
  
  fd081a0af9fe7c96fe8cc01691e7371a410d8d0a390c1299f03456316e3c96f6
- SHA512
  
  2b85db41943f0da24cdb8c30d617d819037fb10055e2eb345367c87489bdbc5424d4cd9e98d9efdcfc928cc20ecfcae630ce1911d44260b0007bf33d87cb2484
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  js/api/fb_api.js
- Size
  
  3KB
- MD5
  
  51437c93e96c0ee6723ee8a7f62cbb64
- SHA1
  
  49a4199caaaed85c5698e915d245e870c48485f9
- SHA256
  
  0798c2c5e75536ac5ccb9c19461c336243a89afc3eec6f56c920aa59e181c111
- SHA512
  
  0d8f010eaf753caee011bf00368b7e8345b56e760cd19d14d41fad33de34a8a5e2f31b56b28307f7454b5ec4afa045e2a62e2ba5541f0644f7bc60603d7d3634
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  js/api/installer.js
- Size
  
  291B
- MD5
  
  fe5826b284bedca9d85be103211839cc
- SHA1
  
  8e2eec338caae01d93b9d234b802b47e6fbd95c5
- SHA256
  
  4a5f8789ec652ad9539181b4444209b9e46f3d4aee3d379441c061e54f77d51b
- SHA512
  
  352e37616b6027b1ec55c8d909834b97dd335e7b176f895da21a583005258652ad341351457678df3cf4b77c47d383064f5bb0533402500a53030e66bd8cc114
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  js/api/message.js
- Size
  
  499B
- MD5
  
  fad9c1aee350a8526790ef7ecb6ffbb8
- SHA1
  
  d7adc3706b91db7fa7bfcf74e1f1c94197f2a0de
- SHA256
  
  52c5e26be410e5a8268f0073d71f1a3040b82663a8d46e10c557af57d070ecc1
- SHA512
  
  bd3aff240ea90a1c85098241adf8eca5b125706e202c7912fd78a05d3c38f7c6670c749ba4f434807c6bbd9a6e8598e52d73ed10aaf3d4b43a87ca4cc689dd13
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  js/api/push.js
- Size
  
  1KB
- MD5
  
  f19f79a47479ce407eebecf53012900a
- SHA1
  
  25ed2ec3b5fe8497e8f4d721388997a9da3a4775
- SHA256
  
  d0741630ab409881b7c2b9b4118e878ae73365c097584686b7b805bd4189aec6
- SHA512
  
  e79a1ce42f832d23c5575b9d553ec4915f718a862cc47909b60f8c6098d918e5d6da64942a147c3589ca56aeaa89cc4aa6963d1eb97cb28a83634a1904bdec6b
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  js/api/request.js
- Size
  
  669B
- MD5
  
  0d4786c28742ba21780332d0a28a0f8d
- SHA1
  
  6c2a8e38554e48c111de05853c93f8a82c164ab0
- SHA256
  
  c363bcd887d66af0a896d7510fd82b162aad6b999d24025fb977f097d435f031
- SHA512
  
  4e7750ba971d760c324100f42eed03e40948721b947975b25abf95dd6c0b46faf853aec08b68b7e4138456db497c69c8cefb353867c5f18d9ebe8327f7f8053b
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  js/api/time.js
- Size
  
  487B
- MD5
  
  2b486283c18c468e49c2decbf7df65ef
- SHA1
  
  fcf69f9d9d7df36b1e23eb6fd248e4d2b0126ce8
- SHA256
  
  f38b80e5a4c72f2b232ed29d1af9230e9d463b18f5af530a29a4190ba1e03ac2
- SHA512
  
  711e82232f9c4e7b6a4cf1222a30af8fc1062eea54db2ccbe00e2223e480e49f4919cfdf75b40ed105e070af27c3d0a0013602d714d91f879e0d682841345afa
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32